1. What is GDPR

Want to watch this video? Sign up for the course here. Or enter your email below to watch one free video.

Unlock This Video Now for FREE

This video is normally available to paying customers.
You may unlock this video for FREE. Enter your email address for instant access AND to receive ongoing updates and special discounts related to this topic.



Sign Up

Understanding GDPR and the Data Protection Act 2018

Introduction to GDPR

GDPR stands for General Data Protection Regulation, a comprehensive European regulation on data protection. Despite the UK's departure from the European Union, GDPR rules still largely apply to protect your personal data and its usage.

The Data Protection Act 2018

The Data Protection Act 2018 governs how your personal information is used by organisations, businesses, and the government. It serves as the UK's implementation of the GDPR. Everyone responsible for using personal data must adhere to strict rules known as data protection principles.

Data Protection Principles

  • Information must be used fairly, lawfully, and transparently.
  • Used for specified, explicit purposes.
  • Used in a way that is adequate, relevant, and limited to what is necessary.
  • Accurate and, where necessary, kept up-to-date.
  • Kept for no longer than is necessary.
  • Handled in a manner that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction, or damage.

Stronger Legal Protections

Certain types of personal data receive stronger legal protections. This includes information regarding:

  • Race
  • Ethnic background
  • Political opinions
  • Religious beliefs
  • Trade union membership
  • Genetics
  • Biometrics (when used for identification)
  • Health
  • Sex life or orientation

There are also specific safeguards for personal data related to criminal convictions and offences.

Your Rights Under the Data Protection Act 2018

Under the Data Protection Act 2018, you have several rights regarding your personal data:

  • The right to be informed about how your data is being used.
  • The right to access your personal data.
  • The right to have incorrect data updated.
  • The right to have data erased.
  • The right to stop or restrict the processing of your data.
  • Data portability, allowing you to obtain and reuse your data across different services.
  • The right to object to how your data is processed in certain circumstances.
  • The right to object when an organisation is using your personal data for automated decision-making processes, including profiling, without human involvement (e.g., to predict your behaviour or interests).

Conclusion

Understanding GDPR and the Data Protection Act 2018 is crucial for ensuring your personal data is handled appropriately and securely. By being aware of your rights and the principles organisations must follow, you can better protect your personal information.